Las Vegas Convention Center, West Hall, Level 2, Rooms 228-230
New location for 2024!!! Not on the Vegas Strip.
Village Hours
Day 1 | Friday, August 9, 10am - 6pm |
---|---|
Day 2 | Saturday, August 10, 10am - 6pm |
Day 3 | Sunday, August 11, 10am - 1pm |
All times are in Pacific Time(GMT -7)
Day 1 - August 09, 2024
10:00
10:15
Winning big: AppSec Considerations From the Casino Industry
Talk All AudiencesAleise McGowan
Tennisha Martin
11:00
Arsenal: CyberChef like Automation within BurpSuite - Let's get cooking with the CSTC
Arsenal All AudiencesFlorian Haag
Matthias Göhring
Activity: Spot the Secrets: Finding Secrets Throughout Your Environments by GitGuardian
PODmcdwayne
Mind-Controlling Other Applications: An intro to intra-process hacking
Workshop IntermediateILOVEPIE
Securing Frontends at Scale: Paving our Way to the Post-XSS World
Talk Intermediatejen-ozmen
Aaron Shim
11:45
12:30
Hacking Corporate Banking for Fun and Profit
Talk All Audiencesniks
Charles Waterhouse
13:00
Arsenal: GraphQL Armor - Open Source GraphQL Security
Arsenal All AudiencesTristan Kalos
Antoine Carossio
13:15
SDLC Nightmares - Defeating Secure Code Review GPT Hallucinations
Talk All AudiencesWang Zhilong
Xinzhi Luo
14:00
14:45
15:00
Arsenal: Introducing RAVEN - Discovering and Analyzing CI/CD Vulnerabilities in Scale
Arsenal IntermediateElad Pticha
Oreen Livni
The Open Source Fortress: Finding Vulnerabilities in Your Codebase Using Open Source Tools
Workshop Intermediateiosifache
Arsenal: HunterBounter - Swiss Army Knife for Bug Bounty
Arsenal IntermediateUtku Yildirim
Activity: Spot the Secrets: Finding Secrets Throughout Your Environments by GitGuardian
PODmcdwayne
Activity: Hacking Developers’ Trust – Faking GitHub Contribution by Checkmarx
PODOri Ron
Tal Folkman
15:30
Fine Grained Authorisation with Relationship-Based Access Control
Talk IntermediateBen Dechrai
16:15
I've got 99 problems but a prompt injection ain't watermelon
Talk All AudiencesChloé Messdaghi
Kasimir Schulz
17:00
When Chatbots Go Rogue – Lessons Learned from Building and Defending LLM Applications
Talk All AudiencesJavan Rasokat
Andra
Day 2 - August 10, 2024
10:00
10:15
Navigating the Cyber Security Labyrinth: Choose Your Own Security Adventure?
Talk All Audiencespunkcoder
11:00
BOLABuster: Harnessing LLMs for Automating BOLA Detection
Talk All AudiencesRavid Mazon
Jay Chen
11:40
Unlocking the Gates - Understanding Authentication Bypass Vulnerabilities
Talk All AudiencesVikas Khanna
12:20
13:00
Transforming AppSec: Protecting 'Everything as Code' & Emerging Tech
Panel All AudiencesKunal Bhattacharya
Shahar Man
Trupti Shiralkar
Sara Attarzadeh
Activity: Spot the Secrets: Finding Secrets Throughout Your Environments by GitGuardian
PODmcdwayne
14:00
14:40
Engineers & Exploits: The Quest for Security
Talk IntermediateSpyros Gasteratos
Andra
15:00
Injecting and Detecting Backdoors in Code Completion Models
Workshop IntermediateTal Folkman
Ori Ron
Activity: Spot the Secrets: Finding Secrets Throughout Your Environments by GitGuardian
PODmcdwayne
Activity: API Security 101: Testing and Trivia by Akto.io
PODAnkita Gupta
Ankush Jain
15:20
Speed Bumps and Speed Hacks: Adventures in Car Manufacturers Security
Talk All AudiencesPaulo A. Silva
David Sopas
16:00
16:40
0.0.0.0 Day: Exploiting Localhost APIs From The Browser
Talk AdvancedAvi Lumelsky
Gal Elbaz
17:20
Day 3 - August 11, 2024
10:00
10:15
The Immortal Retrofuturism of Mainframe Computers and How to Keep Them Safe
Talk IntroMichelle Eggers
10:45
11:00
Gridlock: The Dual-Edged Sword of EV and Solar APIs in Grid Security
Talk IntermediateVangelis Stykas
Arsenal: Kubescape - OSS security from left to right and everything in the middle
Arsenal IntermediateActivity: Threat modelling fun session with OWASP Cornucopia
POD IntermediateKonstantinos Papapanagiotou
Activity: Hacking Developers’ Trust – Faking GitHub Contribution by Checkmarx
PODOri Ron
Mário Leitão-Teixeira
Tal Folkman
11:45
Your CI/CD Pipeline Is Vulnerable, But It's Not Your Fault
Talk IntermediateElad Pticha
Oreen Livni